Participants at Thomson Reuters’ second annual ASEAN regulatory summit, held in Singapore earlier this month, are relatively confident that their firms are addressing know-your-customer (KYC) compliance and counter-terrorist financing (CFT) risks. In an interactive poll of delegates, 55% said they believed their bank or financial institution places sufficient attention on addressing KYC and CFT risks in trade financing, while 17.6% were unsure and 22.8% felt there is insufficient attention to key risks. The remaining 4% even felt there was “too much focus” on the risks.
Managing those risks is, though, becoming increasingly complex. Regulations vary significantly between different countries in the ASEAN region, said Thomson Reuters’ Apac proposition lead BC Tan. There is no standard dual goods list across ASEAN, for example, and even countries that are adopting the same version of the European Union (EU) list omit certain items. Moreover, even now, “we’re (still) working to get everyone on the 2012 standard.”
Impetus for more regulation
Governments are under pressure to prevent the financing of terrorist activities, observed Bos Smith, chief operating officer (COO) of Seabury Asset Management. “Guidance continues what we saw in the UK – a risk-based approach, a culture of compliance, and training. Most importantly, the programme is commensurate with the scope of the bank.”
Following the recent crackdown at BSI Bank’s Singapore unit, though, Smith said “Singapore is looking to set precedents in enforcement. The new division at the Monetary Authority of Singapore (MAS) sends a clear message that banks need to take anti-money laundering (AML) seriously. Hong Kong is going to follow suit.”
Tan noted, however, that any new guidelines would bring challenges. “First, the data that you need to be compliant is what exists, but which was built for a different purpose – to facilitate trade. Second, while clients are helpful, (guidelines) fall short on what documents clients need to submit. Finally, banks haven’t always had a definition of the International Maritime Organization (IMO) number for the vessel – (ships) can rename and reflag.” The result has been “a complete disconnect between regulators and this expectation.”
Tan sees three key issues that need to be addressed. First, there are multiple versions of regulations in different countries and, since the regulations total at least 3,000 lines, countries can easily miss out a field. Second, banks only see documents and participants won’t give them more. Third, it can be hard to identify what the goods really are; at least in part because the description that is typed in often uses a brand name rather than a description of the goods.
A further issue is determining whether goods will be used for a legitimate purpose when they are dual use goods. DBS Bank’s group head of financial crime and chief information security officer (CISO), Richard Moore, said that the bank seeks to understand products and channels. If they’re starting to use products that differ from the nature of the business, that should be a red flag.
Tan made the point though that if, for example pipes go to a factory that builds washers, it makes sense – even though pipes for a washing machine share the same code as pipes for a centrifuge used in a nuclear facility.
Solutions from financial institutions
While his bank focuses on trade and is not expert in goods, Moore said that his bank can reduce risk by mapping to detectors, while Smith’s firm has undertaken a lot of work with customs, not just for KYC and AML but for understanding the business and for financing. “Customers have shipping and shipper information, but it often needs to be scrubbed to be useful.” To resolve this issue, Seabury has a cargo advisory group that takes the information and scrubs it so they can verify the data.
To check whether prices of goods are reasonable, even if they are not traded commodities, the firm works to integrate itself electronically into its customers’ procurement systems. “Doing so gives us insights into current transactions, and past transactions,” added Smith. “It can help us identify red flags when prices or terms change unexpectedly. We can get a reasonable approximation of the price.”
Asked whether there might there be a trend towards de-risking for banks, Moore said that trade finance is a high-volume low-margin business. When the risk of the transaction is too high, the bank makes a decision based on the viability of the customer. “We take a risk-based assessment on how we cost services to the customer.”
While the current regulatory environment is indeed complex, the combination of technology and creative solutions at banks is leading to far better management of risk – despite the challenges and constant changes.
The UK’s Prompt Payment Code will have a significant impact on the relationship between large businesses and their suppliers. What does the Code mean for your business? And how can you navigate this change effectively?
When it comes to the relationship between Europe and Britain – uniformity isn’t a word that currently springs to mind. And that’s not just a reference to Brexit. Whilst the Europe and Britain do find themselves in the midst of a political break-up – their monetary policies are also showing signs of divergence.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.